package com.bjpowernode.common.pay;

import Decoder.BASE64Decoder;
import Decoder.BASE64Encoder;

import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;


public class Pkipair {

    //根据参数生成签名    String signMsg 原始数据
    public String signMsg(String signMsg) {
        String base64 = "";
        try {
            //获取证书实例
            KeyStore ks = KeyStore.getInstance("PKCS12");
            //盈利宝的私钥证书文件：10012140356.pfx
            String file = Pkipair.class.getResource("10012140356.pfx").getPath().replaceAll("%20", " ");
            System.out.println(file);

            // 创建一个文件输入流，用于读取文件
            FileInputStream ksfis = new FileInputStream(file);
            // 创建一个缓冲输入流，用于读取文件
            BufferedInputStream ksbufin = new BufferedInputStream(ksfis);

            //证书保护密码
            char[] keyPwd = "123456".toCharArray();
            //char[] keyPwd = "YaoJiaNiLOVE999Year".toCharArray();
            //将ksbufin中的数据加载到ks中，使用keyPwd作为密码
            ks.load(ksbufin, keyPwd);

            //获取盈利宝私钥  证书别名：test-alias
            PrivateKey priK = (PrivateKey) ks.getKey("test-alias", keyPwd);
            //获取签名实例  使用RSA算法生成签名值
            Signature signature = Signature.getInstance("SHA256withRSA");
            //初始化签名
            signature.initSign(priK);
            //更新签名信息
            signature.update(signMsg.getBytes("utf-8"));
            //创建base64编码器
            BASE64Encoder encoder = new BASE64Encoder();
            //对签名进行base64编码
            base64 = encoder.encode(signature.sign());
        } catch (FileNotFoundException e) {
            System.out.println("123");
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        System.out.println("test = " + base64);
        return base64;
    }

    //验证签名
    public boolean enCodeByCer(String val, String msg) {
        boolean flag = false;
        try {

            //快钱的公钥
            String file = Pkipair.class.getResource("CFCA_sandbox.cer").toURI().getPath();
            System.out.println(file);
            FileInputStream inStream = new FileInputStream(file);

            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            X509Certificate cert = (X509Certificate) cf.generateCertificate(inStream);

            PublicKey pk = cert.getPublicKey();

            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initVerify(pk);
            signature.update(val.getBytes());

            BASE64Decoder decoder = new BASE64Decoder();
            System.out.println(new String(decoder.decodeBuffer(msg)));
            flag = signature.verify(decoder.decodeBuffer(msg));
            System.out.println(flag);
        } catch (Exception e) {
            e.printStackTrace();
            System.out.println("no");
        }
        return flag;
    }

}
